Export the following environment for Vault CLI environment.
The root token used to authenticate the Vault CLI requests is given below. Replace <root-token> with the root token generated during Initialization.

Accessing Vault on Kubernetes

The service always exposes the active Vault node. It hides failures by switching the service pointer to the currently active node when failover occurs.

The name and namespace of the service are the same as the Vault resource. For example, if the Vault resource's name is example and the namespace is default, the service's name and namespace will also be example and default respectively.

Applications in the Kubernetes pod network can access the service through https://example.default.svc:8200.

Starting a standby Vault node

A standby Vault node is initialized and unsealed, but does not hold the leader election lock. The standby node cannot serve user requests. It forwards user requests to the active node. If the active node goes down, a standby node becomes the active node.